Can Self-Custody Wallets Be a Defense Against Crypto Hacks? A non-custodial wallet means you are responsible for storing and managing your private keys, rather than third parties. Self-custody eliminates the potential for fraud, negligence, or regulatory failure when a counterparty controls a person's funds

On July 18, what seemed like a mundane Thursday quickly spiralled into a frenzy for the cryptocurrency ecosystem and India when the report of a USD 230 million (INR roughly 1,900 crores) crypto hack came to light. That's seven zeros after 23 and made up approximately 45 per cent of the crypto assets of the affected exchange- WazirX.

Almost one month later, the assets remain unrecovered with WazirX users demanding their hard-earned money back. The situation worsens with India's stance on keeping cryptocurrency at a one-arm distance, including levying a one per cent Tax Deducted at Source (TDS) on the transfer of Virtual Digital Assets (VDA), alongside a flat 30 per cent tax on income from these transactions.

Gaurav Chaudhary, a WazirX user, claimed to have around INR 79 lakhs invested in the platform and said trusting the Nischal Shetty venture "was the biggest mistake of my life." Recently, Binance notified that it recovered USD 73M in stolen funds as of July 31, surpassing the USD 55 million recovered in 2023.

So, the question arises: Can there be a method that makes crypto investments and management more transparent and safe? Several industry players believe the answer lies in self-custodial (non-custodial) wallets.

A potential defense

For the uninitiated, crypto wallets enable the storage of public and private keys. The public key allows the user to receive money while the private key is for sending. The private key is also the password to one's email. Wallets are either custodial or non-custodial, depending on who controls or has access to private keys.

A custodial wallet is in which a third party (usually a crypto exchange) is responsible for managing your private keys. In this structure, a service provider has complete control over your money rather than you having custodial access to the funds. On the other hand, a non-custodial wallet means you are responsible for storing and managing your private keys, rather than third parties. Self-custody eliminates the potential for fraud, negligence, or regulatory failure when a counterparty controls a person's funds.

For the WazirX fiasco, the wallet had six signatories—five from the WazirX team and one from Liminal, responsible for transaction verifications.

While the Financial Intelligence Unit does not restrict it, the practice has not been encouraged by players as a part of business.

So, can self-custody wallets be a foolproof option for users? "We're seeing an increasing trend globally, that mature users over time, build a behaviour where they prefer to hold their assets in DeFi wallets such as Metamask Bitget wallet, etc. For trading users generally use centralized exchanges (CEXs) to transact and trade as it's faster and offers more liquidity," said Simran Alphonso, Head of Global Communications, Bitget.

Earlier this year, NEAR Protocol (NEAR) announced over one million Telegram users had created wallets using HERE, its self-custodial wallet, within a span of 10 days. ChaiDEX, a decentralized P2P exchange, and its native wallet, ChaiWallet, announced it had implemented non-custodial solutions to eliminate 3rd party involvement in managing crypto funds.

"Self-custody wallets are expected to play a bigger role as consumers realize how important personal financial security and control are. Improved user interfaces and multi-party computation (MPC) are two advancements that will probably make self-custody wallets safer and more accessible. Users will be better equipped to manage their digital assets as a result of this progression, which will reduce dependency on outside custodians," said Shivam Thakral, CEO, BuyUcoin.

Two sides of coin

While self-custody wallets have their share of benefits, it does not equate as a foolproof solution to crypto hacks. "Self-custody wallets too come with their own set of challenges. The biggest challenge for an individual user using self-custody wallets is two-fold: to adopt robust security measures (using hardware wallets, and keeping backups in secure locations) and manage the technical know-how required to effectively manage all this," shared Vikram Subburaj, CEO, Giottus.

The ideal situation would be where all service providers make it an option — crypto investors should be free to choose between using exchange-provided wallets or self-custody ones.

Do self-custody wallets, in any way, become an impediment for crypto providers? Subburaj and Thakral believe so. "Crypto providers may face difficulties with self-custody wallets, particularly related to user involvement and transaction volume. Users may be less likely to use exchange services for trading because they have complete control over their assets, which could have an effect on liquidity and trading fees for providers," the latter adds.

"Another aspect is the complexity that users may face as they shift to self-custody. Many users, especially newcomers, may find self-custody wallets complex and challenging to manage. This could lead to increased support demands and a potential barrier to adoption," adds Subburaj.

Developing self-custody wallets easy?

Developing a secure and user-friendly self-custody wallet presents a unique set of challenges. For one, the cost of wallets, such as good hardware, can cost upwards of INR 10,000, while software wallets may not be suited for a portfolio less than INR 10,000. Additionally, balancing security with user experience is crucial to ensuring widespread adoption and trust in wallets.

Advanced security protocols like implementing multi-factor authentication, end-to-end encryption, and regular security audits should be adopted. Subburaj notes that these challenges could be amplified by varying levels of digital literacy and access to technology.